1. Introduction

Tomfoolery Ltd (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website tomfoolery.ltd or use our services.

We are a limited company registered in the UK.

This policy is provided in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).

2. Data Controller

Tomfoolery Ltd is the data controller responsible for your personal data.

Contact Details:

Email: hello@tomfoolery.ltd

3. Information We Collect

We may collect and process the following categories of personal data:

Technical Data: IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.
Usage Data: Information about how you use our website, products, and services, including pages visited, time spent on pages, and navigation paths.

4. How We Collect Your Data

We collect personal data through:

Direct interactions: When you fill in forms, correspond with us, create an account, subscribe to our services, or give us feedback.
Automated technologies: As you interact with our website, we may automatically collect technical data about your equipment, browsing actions, and patterns through cookies and similar technologies.

5. Lawful Basis for Processing

Under UK GDPR, we must have a valid lawful basis for processing your personal data. We rely on the following bases:

Consent: Where you have given clear consent for us to process your personal data for a specific purpose.
Contract: Where processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.
Legal obligation: Where processing is necessary to comply with a legal obligation.
Legitimate interests: Where processing is necessary for our legitimate interests (or those of a third party), provided these are not overridden by your rights and interests.

6. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to distinguish you from other users. This helps us provide you with a good experience and allows us to improve our site.

Cookies are small text files placed on your device when you visit our website. We use the following types of cookies:

Strictly necessary cookies: Required for the operation of our website. They include cookies that enable you to log into secure areas.
Analytical/performance cookies: Allow us to recognise and count visitors and see how visitors move around our website.
Functionality cookies: Used to recognise you when you return to our website and enable us to personalise content for you.
Targeting cookies: Record your visit to our website, the pages you have visited, and the links you have followed to recognise you as a previous visitor and track your activity.

Under PECR, you have the right to choose whether to accept or reject non-essential cookies. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of our website may become inaccessible or not function properly.

7. Analytics

We use analytics services, including Google Analytics, to help us understand how visitors use our website. These services collect information about your use of the website, including your IP address, the pages you visit, and the time spent on each page.

This information is used to compile reports and help us improve the website. The data collected is aggregated and anonymous where possible.

You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

11. Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

As a general guideline, we retain personal data for 1 year from the date of collection or your last interaction with us, unless a longer retention period is required or permitted by law.

To determine the appropriate retention period for personal data, we consider:

The amount, nature, and sensitivity of the personal data
The potential risk of harm from unauthorised use or disclosure
The purposes for which we process your personal data
Whether we can achieve those purposes through other means
Applicable legal requirements

12. Your Legal Rights

Under UK data protection laws, you have the following rights:

Right of access: You can request a copy of the personal data we hold about you.
Right to rectification: You can ask us to correct inaccurate or incomplete personal data.
Right to erasure: You can ask us to delete your personal data in certain circumstances.
Right to restrict processing: You can ask us to suspend the processing of your personal data in certain circumstances.
Right to data portability: You can request the transfer of your personal data to you or a third party in a commonly used, machine-readable format.
Right to object: You can object to processing of your personal data where we are relying on a legitimate interest.
Right to withdraw consent: Where we rely on consent to process your personal data, you can withdraw consent at any time.

To exercise any of these rights, please contact us at hello@tomfoolery.ltd. We will respond to your request within one month. We may need to verify your identity before processing your request.

You will not have to pay a fee to access your personal data or exercise any of the other rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive.

13. Data Security

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. We limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know.

We have procedures in place to deal with any suspected personal data breach and will notify you and the ICO of a breach where we are legally required to do so.

16. Complaints

If you have any concerns about how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues:

Website: ico.org.uk/make-a-complaint
Telephone: 0303 123 1113
Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

We would appreciate the chance to address your concerns before you approach the ICO, so please contact us first at hello@tomfoolery.ltd.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new Privacy Policy on this page and updating the “Last Updated” date at the top of this policy.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your personal data.

18. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

Email: hello@tomfoolery.ltd